Massive Cyber Attack on AWS: 230M Targets Scanned

Attackers exploited publicly accessible .env files containing sensitive credentials to gain unauthorized access to multiple cloud environments.  By leveraging exposed environment variables, long-lived credentials, and a lack of least privilege, attackers established infrastructure within victim organizations’ AWS environments to scan for additional targets.  It resulted in the exfiltration of sensitive data from cloud storage containers … Continue reading Massive Cyber Attack on AWS: 230M Targets Scanned